Make the meaning of done actually reflect what's happening,
and make sure that when we get an error in the error handler,
that the processing loop breaks out and returns that error.
This wasn't happening for Ad-Hoc connections, which apparently
return various errors for things, leading to blocking in
recv() in the kernel waiting for more data that would never
come, because we'd already gotten an error.
Carrier checking can be synchronous, like when bringing up the device.
If the carrier changes as a result of the sync carrier state checking,
the code might change state. Unfortunately brining up a device
happens in response to a state change already, and we can't change
state from within handlers for the device state change signal, so
we need to queue up the new state change that results from a
carrier change.
When NM was registering all of its enum types by hand, it was using
NamesLikeThis rather than the default names-like-this for the "nick"
values. When we switched to using glib-mkenums, this resulted in
dbus-glib using different strings for the D-Bus error names, causing
compatibility problems.
Fix this by using glib-mkenums annotations to manually fix all the
enum values back to what they were before. (This can't be done in a
more automated way, because the old names aren't 100% consistent. Eg,
"UNKNOWN" frequently becomes "UnknownError" rather than just
"Unknown".)
Ifnet currently does not deal with user agent service. Any connection
that comes with flagged secrets or is not system connection will be
ignored by the plugin. Thanks to David Narvaez for his great help on
this problem.
Would affect non-nl80211 drivers since all nl80211 drivers have the
phyX link in sysfs and thus this code wouldn't get run for them.
Found by Dmitri <mitya@mageia.org>
Clarify how we're supposed to break out of the nl_recvmsgs() loop
and also break out if we get an error from nl_recvmsgs(). What's
supposed to happen is that one of the callbacks we've registered
figures out that we're done and sets the 'done' flag, which then
breaks out of the recvmsgs() loop. Using 'err' there previously
was pretty unclear.
This reverts commit 84403ab84a.
It appears we want to loop until one of the callback says we're
done, while this patch would exit too early (possibly before we'd
received a reply) since nl_recvmsgs() returns 0 on success. What
we really want do do here is wait for one of the callbacks we've
registered to tell us that they've successfully handled the message
and gotten a reply.
The carrier signal might be delayed a bit, so if we're creating
the device as a result of activating a connection, make sure the
carrier is up-to-date so we can proceed with activation.
Single quotes ensure we don't break initscripts (bash processing) when the
string contains special characters. Special handling is necessary for single
quotes characters. They have to be escaped and the whole string has to be
prepended with '$' character so that bash is happy.
This change also filters out CR and LF characters as they break WPA_PSK
variable and could pose security issues.
"InfiniBand" has a capital "B". Fix that everywhere it's being used as
a human-readable string.
In particular, the RH initscripts recognize "TYPE=infiniband" and
"TYPE=InfiniBand", but not "TYPE=Infiniband", which is what we were
writing before.
For virtual interfaces and other cases we won't necessarily have
a device path, which means clients will be passing "/" instead.
Fix that up the same way we fix up the specific object.
We can't guarantee the ordering of devices that udev sends to us
on startup. Thus, a VLAN interface could be sent before its
parent is, and we won't be able to find the parent in the device
list. But that's fine; all parents will be detected during the
first pass, and we silently fail the VLAN interface. Then we
do a second pass where any remaining VLAN interfaces will be
created because we found the parents during the first pass.
There's both nl_addr_set_prefixlen() to set the binary address's
prefix length and rtnl_addr_set_prefixlen() to set the container
RTNL address's prefix length. When the addresses come in from
the kernel these are the same, but when sending addresses to
the kernel, NM wasn't setting them to the same thing. Do that,
since apparently libnl wants that when matching addresses in
nm-system.c:sync_addresses() here:
if (addrs[i] && nl_object_identical (match, (struct nl_object *) addrs[i]))
break;
otherwise the kernel addres (match) doesn't match the NM-derived
address (addrs[i]) that we got from the IP6Manager when reading
back kernel IPv6 addresses in response to netlink events.
Because the supplicant doesn't have a BSS property for "last seen"
we have to fake that by listening to PropertiesChanged events for
stuff like signal strength, which usually changes a bit from scan
to scan. But in case it doesn't change, we'll never get that PC
signal, and thus we'll never update our internal 'last seen'
timestamp, and thus the AP will get removed from the NM scan list
even if it was in the supplicant's last scan results.
So, if the AP if we haven't receieved a BssRemoved signal for the
AP yet don't remove it from the NM scan list. One caveat is that
if the supplicant's DEFAULT_BSS_EXPIRATION_AGE value is greater
than NM's AP expiration age, NM will by consequence use the
supplicant's value instead. At the moment the supplicant sets
DEFAULT_BSS_EXPIRATION_AGE to 180 seconds while NM's is 360.
When we want to change the zone an interface belongs to
we can't use firewalld's addInterface() because this one
doesn't allow to add interface to zone when it already
has been part of some other/same zone.
We need to use changeZone() method instead - hopefuly
this is the final name of this method.
Drop --strict-order; dnsmasq is intelligent enough to ask nameservers in
an order that makes the best of possibly slow nameservers (or broken ones),
and interrogating them in strict order breaks this.
Add --no-hosts: by default dnsmasq will read /etc/hosts as a list of things
to resolve statically; this is something we want to avoid as nsswitch.conf
already lists files as the first data store to look at; where the entries
in /etc/hosts will already have been returned if that's what the user wants
to see. If the /etc/hosts file then changes, dnsmasq would have to be restarted
before the user would get the new value resolved externally. Avoid this, let
/etc/hosts override DNS entries normally through the resolver and show
changes as soon as the file is updated.
Otherwise if another connection was subsequently activated on a
bond interface, and didn't specify all options, ones set for the
previous connection could stay set for the new connection.
We already have the master device kept in the active connection, so
we can just use that instead of having the Policy determine and set
it manually. This also should allow slaves to auto-activate their
master connections if the master is able to activate.
Virtual devices that we might create when their slave is started
(like bonds) have a virtual carrier that often isn't set on when
until the device is brought up. The device is brought up during
creation, but the initial carrier check happens before the device
is up, so the initial carrier state from the constructor isn't
quite accurate in some cases.
Since we want to use virtual interfaces that we create right after
we create them, we want them to be available too, and that usually
requires the carrier to be on. So recheck the carrier right after
bringing the interface up, so that the carrier state is accurate
immediately after the device is created.
Track a master active connection and emit wait/ready/fail when
it changes state. This signal is intended for devices to
delay their activation until a master device is ready.
This function used to be used only from activation paths, so it
was fine to assert there because we always expected that there
would be an activation request. These days we'd like to use it
in more places, so just return NULL if there's no connection.
They are the basic class that tracks active connections, and we're
going to use them for connection dependencies. So use the fact that
both NMVPNConnection and NMActRequest have the same base class
instead of using object paths.
Many different interface types can support VLANs, including
Infiniband, WiFi, etc. So we have to create a new device class
for them instead of keeping the support in NMDeviceEthernet.
We'll want to eventually match (for VLAN) a given hardware address
that's not the device's hardware address. Only the device itself
knows which NMSetting should contain it's hardware address (ie
the 'wired' setting for NMDeviceEthernet, 'infiniband' for
NMDeviceInfiniband, etc) and VLANs take their hardware address
from the parent interface. So eventually we'll have VLAN
interfaces use these new arguments to ask their parent interface
to match the VLAN hardware address in a connection, since the
VLAN doesn't know (or need to know) what kind of interface it
really is underneath.
Add some testcases checking for DEVICE/PHYSDEV/VLAN_ID variations,
and read/write the new VLAN_ID tag, which we can use in
combination with the 'parent' property to determine the interface
name if no interface name/DEVICE is given.
